> Why do I have to do so ? Do I miss something, like configuration subtleties ? The only subtlety that I can perhaps point out is that the setting the 'renew' parameter for the filter applies to how the "CAS server" should behave when it receives a /login request from the client. Presently, I dont think there exists a renew-specific parameter for the client itself to enforce authN.
-Misagh > -----Original Message----- > From: yanis aumont [mailto:[email protected]] > Sent: Monday, July 23, 2012 7:50 AM > To: [email protected] > Subject: Re: [cas-user] Shibboleth/CAS : force authentication > > Le 23/07/2012 16:44, Marvin Addison a écrit : > >> I am currently working on developing a custom login handler for > >> Shibboleth IdP. The goal is to allow applications protected by a > >> CASified IdP to use forced authentication (which is currently not > >> possible with the RemoteUserLoginHandler). > > I'd recommend you check out > > https://github.com/Unicon/shib-cas-authenticator. It supports both > > renew and gateway by mapping to CAS protocol features onto the > > corresponding SAML2 protocol features. > > > > M > > > Thanks, but I already have checked this out. > It did help me, but my goal is a bit different : I want to develop a > new login handler, thus avoiding the need to establish an intermediate > CAS-protected resource, as it is done with shib-cas-authenticator > plugin. > > Yanis > > -- > You are currently subscribed to [email protected] as: > [email protected] To unsubscribe, change settings or access archives, > see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
